On Tue, Jul 22, 2008 at 07:01:42AM -0700, elsergio wrote: > I have been suggested this > >> http_port 80 81 #to make squid listen to the desired ports > > One per line. > > Do I have to do something like this? > > http_port 80 > acl all src 0.0.0.0/0.0.0.0 > always_direct allow all > cache_peer ip1 parent 8080 0 no-query origin_server name=DS1 > cache_peer_access allow DS1 > > http_port 81 > acl all src 0.0.0.0/0.0.0.0 > always_direct allow all > cache_peer ip2 parent 8181 0 no-query origin_server name=DS2 > cache_peer_access allow DS2 No, the "one per line" remark was purely aimed at the http_port thing; as in: http_port 80 http_port 81 ...other directives follow... squid doesn't particularly care about the order of directives in the configuration file, except you cannot refer to something you have not yet defined. If it aids your understanding you can split the http_port directives up and have settings which apply to each directly following them, but that's not a requirement (and nor is it usually particularly helpful in aiding understanding). > I dont know if this is the way to determine that all the incoming > requests to port 80 will go to 1p1:8080 and the requests to port > 81 will go to ip2:8181. Is this the way to do it? Nope. As Amos said, you need to define ACLs which define which URLs will be passed to each of your parents, and then assign these using cache_peer_access. Have you read the documentation Amos directed you to? You need to define an ACL for your "DS1" server, e.g. acl myport80 myport 80 cache_peer_access allow DS1 myport80 cache_peer_access deny DS1 all (Note that you need to define the "all" ACL first, as you have done in your example. Only define it once, though.) Then repeat the process for "DS2": acl myport8 myport 81 cache_peer_access allow DS2 myport81 cache_peer_access deny DS2 all Note also that you don't want to use always_direct, as that tells squid to bypass its cache_peers and connect directly to the origin server which it finds by doing a DNS lookup. Assuming you want to give your ACLs a more meaningful name, your configuration will look something like this: http_port 80 http_port 81 cache_peer ip1 parent 8080 no-query originserver name=DS1 cache_peer ip2 parent 8181 no-query originserver name=DS2 acl forDS1 myport 80 acl forDS2 myport 81 acl all src 0.0.0.0/0.0.0.0 cache_peer_access allow DS1 forDS1 cache_peer_access deny DS1 all cache_peer_access allow DS2 forDS2 cache_peer_access deny DS2 all Plus you'll have other elements from the default / recommended configuration. There are multiple ways of applying the access lists; the way I've described above is what I usually prefer, but: cache_peer_access deny DS1 !forDS1 cache_peer_access deny DS2 !forDS2 will do the same thing in less lines. Depends what you find easier to understand yourself.
